XCentralized configuration management (CCM) provides simplified configuration management and automatic data distribution for multi-server environments.

XAuthentication logs provide a complete audit trail of user authentication activity and administrative transactions.

XEncryption of communication between the RSA RADIUS Server and the RSA Authentication Manager prevents electronic eavesdropping.

RSA RADIUS Server Overview

RADIUS is an industry-standard protocol for providing authentication, authorization, and accounting services.

XAuthentication is the process of verifying a user’s identity and determining whether the user is allowed on the network.

XAuthorization is the process of controlling the network resources that the user can access on the protected network, such as privileges and time limits.

XAccounting is the process of generating log files that record statistics describing each connection session, used for billing, system diagnosis, and usage planning.

Figure 1 illustrates a simple RSA RADIUS authentication and authorization sequence using a TTLS/PAP tunnel to facilitate communication between the access client and the RSA RADIUS server.

Note that some access clients may be configured to use RSA Security EAP or Protected One-Time Password (POTP) instead of a TTLS/PAP tunnel. In such cases, the sequence of transactions is similar, though the communication mechanics are different.

Note also that the RSA RADIUS server and the RSA Authentication Manager can reside on the same network host or on different network hosts.

2

About RSA RADIUS Server

September 2005

Page 14
Image 14
RSA Security 6.1 manual RSA Radius Server Overview, About RSA Radius Server September